Awesome Open Source
Awesome Open Source
Combined Topics
security-testing
x
Advertising
📦 9
All Projects
Application Programming Interfaces
📦 120
Applications
📦 181
Artificial Intelligence
📦 72
Blockchain
📦 70
Build Tools
📦 111
Cloud Computing
📦 79
Code Quality
📦 28
Collaboration
📦 30
Command Line Interface
📦 48
Community
📦 81
Companies
📦 60
Compilers
📦 60
Computer Science
📦 74
Configuration Management
📦 39
Content Management
📦 167
Control Flow
📦 197
Data Formats
📦 77
Data Processing
📦 266
Data Storage
📦 132
Economics
📦 60
Frameworks
📦 198
Games
📦 122
Graphics
📦 103
Hardware
📦 148
Integrated Development Environments
📦 47
Learning Resources
📦 147
Legal
📦 28
Libraries
📦 119
Lists Of Projects
📦 21
Machine Learning
📦 336
Mapping
📦 61
Marketing
📦 15
Mathematics
📦 55
Media
📦 228
Messaging
📦 97
Networking
📦 304
Operating Systems
📦 84
Operations
📦 120
Package Managers
📦 52
Programming Languages
📦 229
Runtime Environments
📦 96
Science
📦 42
Security
📦 375
Social Media
📦 26
Software Architecture
📦 70
Software Development
📦 68
Software Performance
📦 57
Software Quality
📦 127
Text Editors
📦 45
Text Processing
📦 131
User Interface
📦 310
User Interface Components
📦 465
Version Control
📦 29
Virtualization
📦 68
Web Browsers
📦 38
Web Servers
📦 25
Web User Interface
📦 194
The Top 156 Security Testing Open Source Projects on Github
Categories
>
Security
>
Security Testing
Caldera
⭐
2,900
Scalable Automated Adversary Emulation Platform
Kunpeng
⭐
1,134
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Passhunt
⭐
898
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Command Injection Payload List
⭐
700
🎯 Command Injection Payload List
Habu
⭐
684
Hacking Toolkit
Awesome Python Security
⭐
613
Awesome Python Security resources 🕶🐍🔐
Security Tools
⭐
530
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Injuredandroid
⭐
420
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Taipan
⭐
369
Web application vulnerability scanner
Securecodebox
⭐
360
secureCodeBox (SCB) - continuous secure delivery out of the box
Gotestwaf
⭐
356
An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses
Hackertarget
⭐
328
🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
Caringcaribou
⭐
322
A friendly car security exploration tool for the CAN bus
Shodansploit
⭐
312
🔎 shodansploit > v1.3.0
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Awesome Dotnet Security
⭐
302
Awesome .NET Security Resources
Honggfuzz Rs
⭐
247
Fuzz your Rust code with Google-developed Honggfuzz !
Php Security Check List
⭐
243
PHP Security Check List [ EN ] 🌋 ☣️
Apk Medit
⭐
232
memory search and patch tool on debuggable apk without root & ndk
Oscp Cheat Sheet
⭐
217
This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Chain Reactor
⭐
214
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Awesome Java Security
⭐
182
Awesome Java Security Resources 🕶☕🔐
Libdiffuzz
⭐
149
Custom memory allocator that helps discover reads from uninitialized memory
Nerve
⭐
140
NERVE Continuous Vulnerability Scanner
Red_team_attack_lab
⭐
131
Red Team Attack Lab for TTP testing & research
Siderophile
⭐
121
Find the ideal fuzz targets in a Rust codebase
Url Abuse
⭐
115
URL Abuse - A Versatile Software for URL review, analysis and black-list reporting
Laf
⭐
107
This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.
Metasploit Cheat Sheet
⭐
104
Metasploit Cheat Sheet 💣
Wirebug
⭐
103
WireBug is a toolset for Voice-over-IP penetration testing
Ipa Medit
⭐
77
Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.
Ezemu
⭐
73
See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Resources
⭐
64
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Magpie
⭐
60
Beyond CSPM. Security analysis and threat detection for cloud infrastructure.
Unsafe_bank
⭐
60
Vulnerable Banking Suite
Deemon
⭐
54
Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs" by G. Pellegrino, M. Johns, S. Koch, M. Backes, and C. Rossow.
Boxxy Rs
⭐
54
Linkable sandbox explorer
Integrated Security Testing Environment
⭐
46
Integrated Security Testing Environment for Web Applications as Burp Extension
Automated Xss Finder
⭐
43
Automated XSS Finder
Delta
⭐
41
PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
Icmpdoor
⭐
41
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
Holisticinfosec For Webdevelopers Fascicle0
⭐
40
📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚
Gopoc
⭐
39
用cel-go重现了长亭xray的poc检测功能的轮子
Owasp Jenkins
⭐
38
Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? 🐳 🛡 🔒
Mobsf Ci
⭐
37
All that is required to run MobSF in the ci
Purpleteam
⭐
37
CLI component of OWASP PurpleTeam
Aprox
⭐
36
android proxy setting tool
Apkutil
⭐
34
a useful utility for android app security testing
Ai For Security Testing
⭐
33
My AI security testing projects
Penetration_testing
⭐
33
🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.
Sherlock
⭐
30
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Itwsv
⭐
28
ITWSV- Integrated Tool for Web Security Vulnerability
Zip Shotgun
⭐
25
Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
Event Generator
⭐
25
Generate a variety of suspect actions that are detected by Falco rulesets
Lol Hacking
⭐
23
My Hacking Activities!
Owasp Zap Glue Ci Images
⭐
20
Ready to use images of Zap and Glue, especially for CI integration.
Python Pentest Toolkit
⭐
19
Pentest ToolKit
Python Keylogger
⭐
18
Advanced Pure-Python Keylogger
Execute Machine Code From Memory
⭐
18
Proof of concept example: executing machine code from different memory areas: stack, heap, shared memory
Droidmate
⭐
18
DroidMate-2: A Platform for Android Test Generation
Faraday_plugins
⭐
17
Security tools report parsers for FaradaySEC
Holisticinfosec For Webdevelopers Fascicle1
⭐
16
📚 VPS 🔒 Network 🔒 Cloud 🔒 Web Applications 📚
Lauschgeraet
⭐
16
Gets in the way of your victim's traffic and out of yours
Links Qa
⭐
15
Сборная солянка полезных ссылок для QA/тестировщика. Ссылки будут постоянно пополняться.
Sicak
⭐
12
SIde-Channel Analysis toolKit: embedded security evaluation tools
Elastic_scan
⭐
12
Dump elasticsearch instance
Easy_sast
⭐
11
A docker container that integrates static analysis tools into your project
Input Field Finder
⭐
11
Spiders given URLs for input fields.
Aws Security 365
⭐
11
A collection of open source tools to assess, harden and audit various AWS services from a security perspective
Ipautil
⭐
10
a useful utility for ios app security testing
Cppcheck Action
⭐
10
A github action to perform C/C++ security checks automatically
Blip
⭐
10
Test business websites for speed, usability, security and the HTML5 doctype in a neighbourhood or by URL.
Dark Sniffer
⭐
10
Dark Sniffer - small Sniffer only TCP/ICMP/UDP incoming package
Multiscanner
⭐
9
Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.
Automated Api Ddt Framework
⭐
8
Automated API Data Driven Test (DDT) Framework
Asoc Devops Tooling
⭐
8
This project will provide DevOps automation in the form of snippets, sample apps, and plugins in support of integrating with IBM Application Security on Cloud for automated security scans of software projects using popular tools and frameworks across the DevOps landscape.
Holisticinfosec For Webdevelopers Fascicle2
⭐
7
📚 IoT 🔒 Mobile 📚
Secrep
⭐
7
SecRep Is a Repository That Contain Useful Intrusion, Penetration and Hacking Archive Including Tools List, Cheetsheet and Payloads
Secure Headers
⭐
6
secure header report and best practices config for Apache, Nginx, lighttpd, Cloudflare, netlify
Tendaspill
⭐
6
An exploitation tool to extract passwords using CVE-2015-5995.
Fuzztest Rs
⭐
6
Easily test your software using powerful evolutionary, feedback-driven fuzzing technology.
Purpleteam Tls Scanner
⭐
6
TLS scanning component of OWASP PurpleTeam
Rdp Takeown Icacls
⭐
5
This bash script will configure Windows to allow and deny two different person on the computer from accessing/executing each others data. Will also deny any access of denyuser to System32 and SysWOW64 important files. I had this idea when people were starting to screw with my remote desktop server.
Owasp Webgoat Dot Net Docker
⭐
5
Docker container for running OWASP WebGoat.NET application
Xsscan
⭐
5
A simple script to detect unescaped characters in a web application for e.g. Cross Site Scripting (XSS) attacks.
Firebase Security Testing
⭐
5
Testing framework for firestore and firebase storage security rules.
Jwt Utils
⭐
5
A few utilities to work with JWTs.
Purpleteam App Scanner
⭐
5
Application scanning component of OWASP PurpleTeam
Web Methodology
⭐
5
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Container Security Testing
⭐
5
A list of security testing tools for containerized applications
Automacrobuilder
⭐
5
A BurpSuite Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applications that need to access pages in a specific order, such as shopping carts or registration of member information.
Python Nikto Vulnerability Report Tool
⭐
5
Nikto Vulnerability Report Tool 🌌
Automatedsecuritytesting_owaspzappythonapi
⭐
5
Automated Security testing using ZAP Python API. This can be used with any functional UI automation tool.
Purpleteam Iac Sut
⭐
4
Infrastructure as Code for SUTs
Purpleteam Logger
⭐
4
Logging component of OWASP PurpleTeam
Identificador Cve 2018 11759
⭐
4
This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer
Probely Security Plugin
⭐
4
Integrate our security scans with your Jenkins CI/CD pipeline
Bypassjqueryrealpersoncaptcha
⭐
4
A Chrome Plugin to Bypass jQuery Real Person Captcha
Burp Domsink Logger
⭐
4
Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.
Cybersecuritytechnology.github.io
⭐
3
This will be the main repository.
1-100 of 156 projects
Next >
Related Projects
Security Tools Testing Projects (4)
Advertising
📦 9
All Projects
Application Programming Interfaces
📦 120
Applications
📦 181
Artificial Intelligence
📦 72
Blockchain
📦 70
Build Tools
📦 111
Cloud Computing
📦 79
Code Quality
📦 28
Collaboration
📦 30
Command Line Interface
📦 48
Community
📦 81
Companies
📦 60
Compilers
📦 60
Computer Science
📦 74
Configuration Management
📦 39
Content Management
📦 167
Control Flow
📦 197
Data Formats
📦 77
Data Processing
📦 266
Data Storage
📦 132
Economics
📦 60
Frameworks
📦 198
Games
📦 122
Graphics
📦 103
Hardware
📦 148
Integrated Development Environments
📦 47
Learning Resources
📦 147
Legal
📦 28
Libraries
📦 119
Lists Of Projects
📦 21
Machine Learning
📦 336
Mapping
📦 61
Marketing
📦 15
Mathematics
📦 55
Media
📦 228
Messaging
📦 97
Networking
📦 304
Operating Systems
📦 84
Operations
📦 120
Package Managers
📦 52
Programming Languages
📦 229
Runtime Environments
📦 96
Science
📦 42
Security
📦 375
Social Media
📦 26
Software Architecture
📦 70
Software Development
📦 68
Software Performance
📦 57
Software Quality
📦 127
Text Editors
📦 45
Text Processing
📦 131
User Interface
📦 310
User Interface Components
📦 465
Version Control
📦 29
Virtualization
📦 68
Web Browsers
📦 38
Web Servers
📦 25
Web User Interface
📦 194
"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.
